Certified Information Systems Auditor (CISA) — Question 1180

An IS auditor has scanned an organization's wireless network. Which of the following data sources would BEST enable the auditor to identify rogue wireless access points?

Answer options

• A. Inventory of security incidents
• B. IT asset inventory
• C. IT help desk tickets
• D. Library of change requests

Correct answer: B

Explanation

The IT asset inventory is crucial for identifying rogue wireless access points as it provides a comprehensive list of all authorized devices connected to the network. In contrast, the inventory of security incidents focuses on past security breaches, help desk tickets pertain to user issues, and change requests relate to modifications made in the IT environment, none of which directly assist in identifying unauthorized access points.